Understanding the mobile security implications of the deskless workforce

What is a deskless workforce?

Distributed organizations that use technology to enhance their operations or to interface with customers and partners often employ deskless workers. These are employees who primarily work out in the field, in retail or anywhere outside of the corporate campus.

Organizations manage devices that are easily picked up and transported, like iPhone or iPad, and support a variety of use cases and ownership models such as 1:1, shared, or single-use consoles.

At times, managers of Apple-first or Apple-heavy fleets using iOS and iPad OS for business operations can lean too heavily on the fact that Apple devices have extraordinarily secure operating systems. They can assume that they need no additional iOS security or iPad security solutions, because devices and networks are, by default, safe from attacks.

Sadly, this is no longer the case. The flip side of increased Apple adoption in business means that hackers have focused on Apple, finding the increased work it takes to get past defenses worth their while. Apple device security is now a must-have for even the smallest of businesses.

Increasingly, management alone is not enough.

Device management is not mobile security

Mobile Device Management (MDM) is a vital tool for IT departments to track, update and provision organizational devices. MDM is indispensable for the administration of mobile devices. This supports devices and users in an easy, consistent and scalable way without manually intervening and interrupting usage. It's a way for companies of all sizes to perform IT tasks to manage devices across the infrastructure from anywhere and over any network connection at any time.

While MDM helps to ensure that devices are configured properly and are maintained with security patches and OS updates, it does not itself secure devices. MDM handles configuration, not protection. And modern threats extend beyond what MDM was designed to address.

MDM alone is no longer sufficient for mobile security.

Modern mobile environments require:

• Threat visibility
• Continuous device compliance monitoring
• Device health awareness
• Identity-aware access
• Mobile threat protection automation

And they must all be delivered in a way that small IT teams can realistically manage.

Visibility gaps create exposure

Without insight into device health, apps and network behavior, risks can go undetected. Organizations need security solutions that continuously monitor compliance at the device level to catch audit and security gaps, and access decisions must include device health and risk context.

To close these gaps, IT staff — no matter how small the team — need automation.

Automation of tedious but vital security tasks removes the effects of human error. Updates, checks and malware detection can happen the instant strange behavior is detected rather than waiting for workday hours. And automated security can better work in the background without increasing operational load.

Discover how you can protect your distributed organization

Jamf's paper on securing the deskless workforce through purposeful deployment shows you how to:

• Optimize deskless device configurations
• Maximize your deskless workflows
• Incorporate deskless workflows into your organization
• Use Jamf solutions that support the mobile, deskless workforce